[jboss-dev-forums] [Security Development] Document updated/added: "XACML Locators"
ANIL SALDHANA
do-not-reply at jboss.com
Tue Feb 9 12:32:45 EST 2010
JBoss development,
The document "XACML Locators", was updated Feb 9, 2010
by ANIL SALDHANA.
To view the document, visit:
http://community.jboss.org/docs/DOC-14768#cf
Document:
--------------------------------------------------------------
JBossXACML in PicketBox suite provides Oasis XACML v2.0 support for Java applications.
/resources/scripts/tiny_mce3/plugins/jiveemoticons/images/spacer.gif
*What are Locators?*
Locators are interfaces in JBossXACML that allow one to provide additional or missing information to the PDP during evaluation.
They include:
* Attribute Locators
* Resource Locators
Attribute Locators
Attribute Locators are consulted when the Policy specifies certain attributes to be necessary for evaluation and the the request comes without the required attribute. In that case, the PDP is going to ask the attribute locator for a value for the attribute to make an evaluation. Again, remember the attribute locator is driven by the POLICY and not the REQUEST.
Procedure for Attribute Locators:
* Write a subclass of org.jboss.security.xacml.locators.AttributeLocator
* The following methods need to be overridden in your attribute locator
* @see AttributeFinderModule#findAttribute(String, org.w3c.dom.Node, URI, org.jboss.security.xacml.sunxacml.EvaluationCtx, String)
* @see AttributeFinderModule#findAttribute(URI, URI, URI, URI, org.jboss.security.xacml.sunxacml.EvaluationCtx, int)
* Then specify the attribute locator in your configuration file as shown in the example below.
Resource Locators
These are used in the Hierarchical Profile if you decide to use it.
--------------------------------------------------------------
More information about the jboss-dev-forums
mailing list